CVE-2018-2783 : Portal does not expose any ports used by the Java Security componentCVE-2018-2795 : Portal does not use serialization for any of its functionalityCVE-2018-2798 : Portal does not use serialization for any of its functionalityCVE-2018-2800 : Portal does not use RMI for any of its functionalityCVE-2018-2796 : Portal does not use Java serialization for any functionalityCVE-2017-10067 : Does not affect server deploymentsCVE-2017-10074 : Does not affect server deploymentsCVE-2017-10087 : Does not affect server deploymentsCVE-2017-10089 : Does not affect server deploymentsCVE-2017-10090 : Does not affect server deploymentsCVE-2017-10096 : Does not affect server deploymentsCVE-2017-10101 : Does not affect server deploymentsCVE-2017-10102 : API Portal does not use or expose RMICVE-2017-10107 : Does not affect server deploymentsCVE-2017-10110 : Does not affect server deploymentsCVE-2017-10116 : API Portal does not use LDAPCertStoreCVE-2017-10274 : Does not affect server deploymentsCVE-2017-10285 : Does not affect server deploymentsCVE-2017-10309 : Does not affect server deploymentsCVE-2017-10346 : Does not affect server deploymentsCVE-2017-10388 : API Portal does not use KerberosCVE-2018-2814 : Does not affect server deployments

API Portal is not likely to be these vulnerabilities.

CVE-2017-10115 : Addressed in Java 8u161 which is included with 3.5CR7CVE-2017-10118 : Addressed in Java 8u141. 3.5CR7 includes Java 8u161.CVE-2017-10176 : Addressed in Java 8u141. 3.5CR7 includes Java 8u161.